Ecommerce websites, particularly WooCommerce-based platforms, are lucrative targets for hackers due to their sensitive customer data, payment systems, and high traffic. Without proper security measures,...
MoeSec Research Blog
Holiday Hack Alert: Credit Card Skimmers Could Steal Christmas Cheer—Don’t Let Fraud Ruin Your Holidays!
We will analyze a sample malicious JavaScript code found by a MoeSec Security Analyst, decode it, and explain its purpose. Furthermore, we will outline the...
Do you think Hackers are not interested in Hacking your small website?
Website security is a critical aspect for all businesses, not a luxury. Cyber threats, hackers, and malware can target any website, regardless of its size...
A Vulnerability in LiteSpeed Cache WordPress Plugin CVE-2024-47374
A new vulnerability in the LiteSpeed Cache WordPress plugin. This plugin is widely used for optimizing website performance through caching. The vulnerability allows attackers to...
Analysis of a New Balada Malware Variant found on WordPress Websites
The Balada Injector is a well-known family of malware that primarily targets WordPress sites. It mass-injects malicious JavaScript into websites, often taking advantage of vulnerabilities...
WAF vs CMS Firewall Security Plugins
For robust security, especially in high-risk environments, a WAF like MoeSec offers an additional layer of defense that mitigates risks associated with CMS security plugins....
Analysis of a newly found Malicious JavaScript on WordPress Sites
The MoeSec security team recently discovered a piece of malicious JavaScript on a WordPress website. This script was injected using the Simple Custom CSS and...
Credit Card Skimmer Targeting eCommerce Websites using Magento, WooCommerce and OpenCart: Analysis and Mitigation
This article analyzes a specific skimmer affecting Magento, WooCommerce, and OpenCart based websites, deciphers its malicious code, discusses how it operates, and provides steps for...
New wave of SocGholish JavaScript malware injection Found on many WordPress Websites
New wave of SocGholish JavaScript malware injection Found on many WordPress Websites loading malicious code from MEMORYLOADER[.]COM
Uncovering Encoded JavaScript Malware: Analysis of a new Malware Campaign
MoeSec security researchers recently discovered a new strain of javascript malware that utilizes advanced encoding techniques to evade detection. This malware leverages a combination of...